# JEDI Security hardening for uploads/
Options -Indexes

# Prevent execution of scripts in uploads
<FilesMatch "\.(php|phtml|php3|php4|php5|phar|cgi|pl|py|rb|sh|bash|zsh|js|jsx|ts|tsx|html|htm|shtml|xhtml|hta|asp|aspx|jsp|jar)$">
  Require all denied
</FilesMatch>

# Extra safety: treat common script types as plain text if served elsewhere
AddType text/plain .php .phtml .phar .cgi .pl .py .rb .sh .bash .zsh .js .jsx .ts .tsx .html .htm
